A slew of Firefox users has fallen victim to a bogus add-on that was masquerading as a legitimate extension of a cryptocurrency hardware wallet called SafePal, Bleeping Computer reports.
One of the victims, who goes by the name of Cali, was shocked to discover that all of the funds went into the hands of scammers:
I was deep in shock...I saw my last transactions and saw that [$4,000 of my funds] were transferred to another wallet. I could not believe it [was an] add-on that is deployed in the add-on list of Mozilla Firefox.
Brandt Issues Extremely Bearish Altcoin WarningMorning Crypto Report: $1.5 Billion in XRP Cut From Circulation, Shiba Inu (SHIB) Sees Brutal 86.14% Collapse in Major Metric, TRON Founder Reveals He Would Pay Elon Musk $30 MillionElizabeth Warren Warns Americans Could 'Lose Big' With CryptoU.Today Crypto Market Review: Fake Bitcoin (BTC) Breakthrough; Shiba Inu (SHIB): Third Time's a Charm; XRP: 3 Price Waves
It is unclear how many other Firefox users were deprived of their funds after downloading the malicious extension. The add-on was operational since mid-February before it was removed just recently.
A bunch of negative reviews from disgruntled users should have been a warning sign.
The user who was scammed by bad actors claims that the police are not capable of tracing the hacker.
Potential victims are tricked into entering their recovery phrases, making it extremely easy for hackers to pilfer their holdings.
What's more, the phishing domain associated with the fraudulent add-on is still live.
Hacks and scams remain prevalent in the cryptocurrency industry. As reported by U.Today, Bitcoin.org, the very first Bitcoin website that was registered by Satoshi Nakamoto, suffered a security breach four days ago.
Earlier this month, a fake YouTube stream of Apple's annual event promoting a Bitcoin giveaway reached roughly 170,000 viewers before it was shut down.
Alex Dovbnya
Denys Serhiichuk
Gamza Khanzadaev